AVG-2029 log

Package vault
Status Fixed
Severity Medium
Type authentication bypass
Affected 1.7.1-2
Fixed 1.7.2-1
Current 1.21.0-1 [extra]
Ticket None
Created Thu Jun 3 12:26:34 2021
Issue Severity Remote Type Description
CVE-2021-32923 Medium Yes Authentication bypass 
HashiCorp Vault before version 1.7.2 allowed the renewal of nearly- expired token leases and dynamic secret leases (specifically, those within 1 second of...